Pixarra Selfie Studio Denial-of-Service Vulnerability
Vulnerability
A denial-of-service vulnerability has been identified in Pixarra Selfie Studio version 2.17. The issue arises in the Resize Image function, where local attackers can cause the application to crash by inputting excessively long values into the New Width or New Height fields. This buffer overflow vulnerability leads to a crash of the application.
Impact
Exploitation of this vulnerability causes the application to crash, creating a denial-of-service condition.
Reproduction
To reproduce this vulnerability, first generate a text file containing a long string of characters. This can be done using a simple Python script that writes a thousand-character buffer into a text file. After running the script, copy the contents of the generated file to the clipboard. Then, open Selfie Studio and navigate to the 'Image' menu, selecting 'Resize Image...'. Paste the clipboard contents into either the 'New Width' or 'New Height' field and click 'OK'. The application will crash, demonstrating the denial-of-service vulnerability.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.